Drupal

Today, Acquia announced that it expanded Acquia Cloud to support Node.js, the popular open-source JavaScript runtime. This is a big milestone for Acquia as it is the first time we have extended our cloud beyond Drupal. I wanted to take some time to explain the evolution of Acquia's open-source stack and why this shift is important for our customers' success.

From client-side JavaScript to server-side JavaScript

JavaScript was created at Netscape in 1995, when Brendan Eich wrote the first version of JavaScript in just 10 days. It took around 10 years for JavaScript to reach enterprise maturity, however. Adoption accelerated in 2004 when Google used JavaScript to build the first release of Gmail. In comparison to e-mail competitors like Yahoo! Mail and Hotmail, Gmail showed what was possible with client-side JavaScript, which enables developers to update pages dynamically and reduces full-page refreshes and round trips to the server. The benefit is an improved user experience that is usually faster, more dynamic in its behavior, and generally more application-like.

In 2009, Google invented the V8 JavaScript engine, which was embedded into its Chrome browser to make both Gmail and Google Maps faster. Ryan Dahl used the V8 run-time as the foundation of Node.js, which enabled server-side JavaScript, breaking the language out of the boundaries of the browser. Node.js is event-driven and provides asynchronous, non-blocking I/O — things that help developers build modern web applications, especially those with real-time capabilities and streamed data. It ushered in the era of isomorphic applications, which means that JavaScript applications can now share code between the client side and server side. The introduction of Node.js has spurred a JavaScript renaissance and contributed to the popularity of JavaScript frameworks such as AngularJS, Ember and React.

Acquia's investment in Headless Drupal

In the web development world, few trends are spreading more rapidly than decoupled architectures using JavaScript frameworks and headless CMS. Decoupled architectures are gaining prominence because architects are looking to take advantage of other front-end technologies, most commonly JavaScript based front ends, in addition to those native to Drupal.

Acquia has been investing in the development of headless Drupal for nearly five years, when we began contributing to the addition of web service APIs to Drupal core. A year ago, we released Waterwheel, an ecosystem of software development kits (SDKs) that enables developers to build Drupal-backed applications in JavaScript and Swift, without needing extensive Drupal expertise. This summer, we released Reservoir, a Drupal distribution for decoupled Drupal. Over the past year, Acquia has helped to support a variety of headless architectures, with and without Node.js. While not always required, Node.js is often used alongside of a headless Drupal application to provide server-side rendering of JavaScript applications or real-time capabilities.

Managed Node.js on Acquia Cloud

Previously, if an organization wanted to build a decoupled architecture with Node.js, it was not able to host the Node.js application on Acquia Cloud. This means that the organization would have to run Node.js with a separate vendor. In many instances, this requires organizations to monitor, troubleshoot and patch the infrastructure supporting the Node.js application of their own accord. Separating the management of the Node.js application and Drupal back end not only introduces a variety of complexities, including security risk and governance challenges, but it also creates operational strain. Organizations must rely on two vendors, two support teams, and multiple contacts to build decoupled applications using Drupal and Node.js.

To eliminate this inefficiency, Acquia Cloud can now support both Drupal and Node.js. Our goal is to offer the best platform for developing and running Drupal and Node.js applications. This means that organizations only need to rely on one vendor and one cloud infrastructure when using Drupal and Node.js. Customers can access Drupal and Node.js environments from a single user interface, in addition to tools that enable continuous delivery, continuous integration, monitoring, alerting and support across both Drupal and Node.js.

On Acquia Cloud, customers can access Drupal and Node.js environments from a single user interface.
Delivering on Acquia's mission

When reflecting on Acquia's first decade this past summer, I shared that one of the original corporate values our small team dreamed up was to "empower everyone to rapidly assemble killer websites". After ten years, we've evolved our mission to "build the universal platform for the world's greatest digital experiences". While our focus has expanded as we've grown, Acquia's enduring aim is to provide our customers with the best tools available. Adding Node.js to Acquia Cloud is a natural evolution of our mission.

Today, Acquia announced that it expanded Acquia Cloud to support Node.js, the popular open-source JavaScript runtime. This is a big milestone for Acquia as it is the first time we have extended our cloud beyond Drupal. I wanted to take some time to explain the evolution of Acquia's open-source stack and why this shift is important for our customers' success.

From client-side JavaScript to server-side JavaScript

JavaScript was created at Netscape in 1995, when Brendan Eich wrote the first version of JavaScript in just 10 days. It took around 10 years for JavaScript to reach enterprise maturity, however. Adoption accelerated in 2004 when Google used JavaScript to build the first release of Gmail. In comparison to e-mail competitors like Yahoo! Mail and Hotmail, Gmail showed what was possible with client-side JavaScript, which enables developers to update pages dynamically and reduces full-page refreshes and round trips to the server. The benefit is an improved user experience that is usually faster, more dynamic in its behavior, and generally more application-like.

In 2009, Google invented the V8 JavaScript engine, which was embedded into its Chrome browser to make both Gmail and Google Maps faster. Ryan Dahl used the V8 run-time as the foundation of Node.js, which enabled server-side JavaScript, breaking the language out of the boundaries of the browser. Node.js is event-driven and provides asynchronous, non-blocking I/O — things that help developers build modern web applications, especially those with real-time capabilities and streamed data. It ushered in the era of isomorphic applications, which means that JavaScript applications can now share code between the client side and server side. The introduction of Node.js has spurred a JavaScript renaissance and contributed to the popularity of JavaScript frameworks such as AngularJS, Ember and React.

Acquia's investment in Headless Drupal

In the web development world, few trends are spreading more rapidly than decoupled architectures using JavaScript frameworks and headless CMS. Decoupled architectures are gaining prominence because architects are looking to take advantage of other front-end technologies, most commonly JavaScript based front ends, in addition to those native to Drupal.

Acquia has been investing in the development of headless Drupal for nearly five years, when we began contributing to the addition of web service APIs to Drupal core. A year ago, we released Waterwheel, an ecosystem of software development kits (SDKs) that enables developers to build Drupal-backed applications in JavaScript and Swift, without needing extensive Drupal expertise. This summer, we released Reservoir, a Drupal distribution for decoupled Drupal. Over the past year, Acquia has helped to support a variety of headless architectures, with and without Node.js. While not always required, Node.js is often used alongside of a headless Drupal application to provide server-side rendering of JavaScript applications or real-time capabilities.

Managed Node.js on Acquia Cloud

Previously, if an organization wanted to build a decoupled architecture with Node.js, it was not able to host the Node.js application on Acquia Cloud. This means that the organization would have to run Node.js with a separate vendor. In many instances, this requires organizations to monitor, troubleshoot and patch the infrastructure supporting the Node.js application of their own accord. Separating the management of the Node.js application and Drupal back end not only introduces a variety of complexities, including security risk and governance challenges, but it also creates operational strain. Organizations must rely on two vendors, two support teams, and multiple contacts to build decoupled applications using Drupal and Node.js.

To eliminate this inefficiency, Acquia Cloud can now support both Drupal and Node.js. Our goal is to offer the best platform for developing and running Drupal and Node.js applications. This means that organizations only need to rely on one vendor and one cloud infrastructure when using Drupal and Node.js. Customers can access Drupal and Node.js environments from a single user interface, in addition to tools that enable continuous delivery, continuous integration, monitoring, alerting and support across both Drupal and Node.js.

On Acquia Cloud, customers can access Drupal and Node.js environments from a single user interface.
Delivering on Acquia's mission

When reflecting on Acquia's first decade this past summer, I shared that one of the original corporate values our small team dreamed up was to "empower everyone to rapidly assemble killer websites". After ten years, we've evolved our mission to "build the universal platform for the world's greatest digital experiences". While our focus has expanded as we've grown, Acquia's enduring aim is to provide our customers with the best tools available. Adding Node.js to Acquia Cloud is a natural evolution of our mission.

DrupalCon Vienna includes a full track of core conversations where you can learn about current topics in Drupal core development, and a week of sprints where you can participate in shaping Drupal's future.

In addition to the core conversations, we have a few meetings on specific topics for future core development. These meetings will be very focused, so contact the listed organizer for each if you are interested in participating. There are also birds-of-a-feather (BoF) sessions, which are open to all attendees without notice.

Read our Roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community.

Announcement
TLS 1.0 and 1.1 deprecated

Drupal.org uses the Fastly CDN service for content delivery, and Fastly has depreciated support for TLS 1.1, 1.0, and 3DES on the cert we use for Drupal.org, per the mandate by the PCI Security Standards Council. This change took place on 9 Aug 2017. This means that browsers and API clients using the older TLS 1.1 or 1.0 protocols will no longer be supported. Older versions of curl or wget may be affected as well.

Almost time for DrupalCon Vienna

DrupalCon Vienna is almost here! From September 26-29 you can join us for keynotes, sessions, and sprinting. Most of the Drupal Association engineering team will be on site, and we'll be hosting a panel discussion about recent updates to Drupal.org, and our plans for the future.

We hope to see you there!

Drupal.org updates
8.4.0 Alpha/Beta/Release Candidate 1

On August 3rd, Drupal 8.4.0 received its alpha release, followed on the 17th by a beta release, and on September 6th by the first release candidate. Several new stable API modules are now included in core for everything from workflow management to media management. Core maintainers hope to reach a stable release of Drupal 8.4 soon.

Improvements to Project Pages

We made a number of improvements to project pages in August, one of which was to clean up the 'Project information' section and add new iconography to make signals about project quality more clear to site builders.

In the same vein, we've also improved the download table for contrib projects, by making it more clear which releases are recommended by the maintainer, providing pre-release information for minor versions, and displaying recent test results.

Metadata about security coverage available to Composer

Developers who build Drupal sites using Composer may miss some of the project quality indicators from project pages on Drupal.org. Because of this, we now include information about whether a project receives security advisory coverage in the Composer 'extra' attribute. By including this information in the composer json for each project, we hope to make it easier for developers using Composer to ensure they are only using modules with security advisory coverage. This information is also accessible for developers who may want to make additional tools for managing composer packages.

Automatic issue credit for committers

Just about the last step in resolving any code-related issue is for a project maintainer to commit the changes. To make sure these maintainers are credited for the work they do to review these code changes, we now automatically add issue credit for committers.

Performance Improvements for Events.Drupal.org

With DrupalCon coming up in September we spent a little bit of time tuning the performance of Events.Drupal.org. We managed to resolve a session management bug that was the root cause of a significant slow down, so now the site is performing much better.

Syncing your DrupalCon schedule to your calendar

A long requested feature for our DrupalCon websites has been the ability to sync a user's personal schedule to a calendar service. In August we released an initial implementation of this feature, and we're working on updating it in September to support ongoing syncing - stay tuned!

Membership CTA on Download and Extend

We've added a call to action for new members on the Drupal.org Download and Extend page, which highlights some great words and faces from the community. Membership contributions are a crucial part of funding Drupal.org and DrupalCon, but much the majority of traffic we receive on Drupal.org is anonymous, and may not reach the areas of the site where we've promoted membership in the past. We're hoping this campaign will help us reach a wider audience.

DrupalCI sponsorship

DrupalCI is one of the most critical services the Drupal Association provides to the project, and also one of the more expensive. We've recently added a very small section to highlight how membership contributions help provide testing for the project - and in the future we hope to highlight sponsors who will step up specifically to subsidize testing for the Drupal project.

Infrastructure
More semantic labels for testing

In August we added more semantic labels for DrupalCI test configuration. This means that project maintainers no longer have to update their testing targets with each new release of Drupal, they can instead test against the 'pre-release' or 'supported' version, etc. More information can be found in the DrupalCI documentation.

Started PCI audit

In August we also began a PCI audit, and developed a plan of action to reduce the Drupal Association's PCI scope. Protecting our community's personal and financial information is critically important, and with a small engineering team, the more we can offload PCI responsibility onto our payment vendors the better. We'll be continuing to work on these changes into the new year.

———

As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who made it possible for us to work on these projects. In particular we want to thank:

Last week, Dries Buytaert published a post detailing the organisations that sponsor Drupal. It’s an insightful report, and we’re proud to be represented among the top 30 contributing organisations globally based on the number of Drupal.org commit credits.

I spend around 20% of my work week contributing to open source, primarily Group – the Drupal 8 module I wrote to allow you to create arbitrary collections of content and users, and grant access control permissions on those collections. Check out all the reasons Group is awesome!

How much time I spend on open source.

Before I joined Deeson I worked almost exclusively on Group in my own time. My previous employer promised me time for Group but I could never really get round to it properly during office hours. It started putting a massive strain on my personal life. Since joining Deeson, I work one day a week on contrib or core.

My main focus is Group, which gets the most attention throughout the year. However, sometimes I need to add or fix something in core so I focus on that instead. That may take up several weeks but in the end I always return to Group.

I now only spend my personal time reading incoming issues, blog posts and Twitter about Group and coming up with architecture. The actual coding is done during office hours.

Employer buy in is key.

Deeson cares about what I work on, encourages me to work on high-visibility modules and issues, and generally gives me the space I need to properly contribute back to the project.

They recognise the fact that this type of work leads to a high level of expertise which in turn benefits the company in the quality of the work we do for clients.

Deeson ranks top of the list for me, hands down, when it comes to agency commitment to encouraging developers to work on open source projects. When they say I get one day a week, I get one day a week.

Only over the summer with people on vacation was I asked to cover for others for a couple of weeks. Which is only natural when you’re part of a team. The rest of the year I really get the time I need to keep up with my contributions.

Contributing to open source makes for better developers.

Open source is what I do. The inherent constant peer review is exactly what I need because I don’t have a degree in computer sciences. If it weren’t for the way open source works, I wouldn’t be the developer I am now. It has really helped my hone my skills in a way that education probably never could.

In other words: My job would probably suck if it weren’t for the fun aspects open source software has to offer!

If you want to work for an agency that offers paid time to support open source projects, check out our current vacancies.

For those reading this who don’t already know, DrupalCon Europe is a community-focused event intended to bring existing community members together as well as encourage new participation in the project. There are a number of session tracks focusing on broadly accessible topics such as “Being Human” all the way through to the detailed and technical sessions. There are also sprint workshops focused on adding features and fixing bugs in the existing and future version of Drupal. In a very real sense, there is something for everyone.

Compared with some of the other Amazee Labs team members, I am a relative DrupalCon newbie. I’ve only recently moved to the UK, so this will be my second DrupalCon. For some of the team members, this will be their 10th or even 15th DrupalCon!

Something that struck me last year, and that I’m really excited to see again this year, is the diversity of the attendees and how much work the organisers and community put into making the event accessible. I’m really looking forward to seeing people from all ages, races, and genders getting together under the banner of something we all have in common, namely our support (albeit in varied forms) for the Drupal Open Source project.

There is a growing sense of excitement in our daily standups and on our Slack channels as we draw closer to this year’s event. We have people coming from across Europe, South Africa, the UK, Taiwan, and the USA. While most of us are traveling to the event by way of planes, trains, and automobiles we can proudly boast that one of our team members is cycling all the way from Zurich to Vienna through the Alps! This is not the result of a lost bet between rivals but rather Amazee’s latest “Extreme Challenge” participant. Check out the Tour de Drupalps if you are (understandably) intrigued. You can also follow @dasjo or the #drupalps on Twitter.

Amazee submitted a number of session proposals this year and we are extremely proud of our team members who were selected to share their knowledge and ideas with the Drupal community.

With so many of our core team members working all over the world, we love to take these opportunities to have some real-world and in-person conversations. Our team dinner is a great opportunity to buy that person - who is usually on the other side of the world - a beer to say thanks for that one time where they made magic happen on that deadline that needed to get done that one Friday. It’s also a great opportunity to seek out that core or module developer and say thanks for all their efforts on the Drupal project.

Looking beyond ourselves, we’re also really excited to see what other companies and teams are doing and thinking. Josef is super excited for the Community Summit on Monday. Mary is excited to see the presentation on “Teaching Clients How to Succeed”, and I’m looking forward to seeing a presentation on Drupal & Ethereum as well as the Commerce 2.0 “Lessons Learned”.

If you’re attending, I hope to see you around! If you’re not attending you’ll be able to follow along with us. During the course of DrupalCon we will be posting at least one blog post per day on our Amazee Labs blog about the various events and highlights of our team’s experiences, so check back here and keep an eye out for our various social media posts.

Here is where we seek to bring awareness to Drupal modules running on less than 1% of reporting sites. Today we'll investigate Module Sitemap, a module which will help you navigate through pages associated with modules you have enabled on your site. We also briefly review the Coffee module.

Most admin users won't, and shouldn't, have full access to the Drupal administration backend. They need to concentrate on tasks like adding and managing content, taxonomies, menus, and possibly other users. They do not need access to configure views, install/configure modules, or any other full administration privileges.

The idea of this module was born on a project where instead of Commerce Customer Profiles, user profiles were displayed in the checkout process with Commerce User Profile pane module. Instead of creating new customer profiles for each order, a user can see and modify its current profile data in the checkout process. Because we still need to keep track of actual billing data for an order, we developed this module that saves actual revision id of an account to each order.

There have been many blog post written about the forthcoming DrupalCon in Vienna. Many topics were covered including our Accepted Business sessions for DrupalCon Vienna. To refresh your memories, we presented them because our commercial director Iztok Smolic was selected in a business track team to help prepare the program and select the sessions.
Maybe it is obvious or maybe it is not. But it's definitely time to say that we will be present on a DrupalCon in Vienna! Besides Iztok, who will be attending his eight DrupalCon, with the first one dating back to 2009, our development director… READ MORE

Support the game designs and theoretical work of As If Productions. Written especially for roleplayers, GMs, game designers, artists and neophiles who are interested in experimental applications of narrative engineering.